//
// main.m
// testps
//
// Created by haidragon on 2019/5/30.
// Copyright © 2019 haidragon. All rights reserved.
//
#import <Foundation/Foundation.h>
#include <signal.h>
#include <unistd.h>
#include <sys/sysctl.h>
#include <libproc.h>
#import <AppKit/AppKit.h>
#include <sys/types.h>
typedef void (*kinfo_callback_t) (struct kinfo_proc* proc);
//struct kinfo_proc {
// struct extern_proc kp_proc; /* proc structure */
// struct eproc {
// struct proc *e_paddr; /* address of proc */
// struct session *e_sess; /* session pointer */
// struct _pcred e_pcred; /* process credentials */
// struct _ucred e_ucred; /* current credentials */
// struct vmspace e_vm; /* address space */
// pid_t e_ppid; /* parent process id */
// pid_t e_pgid; /* process group id */
// short e_jobc; /* job control counter */
// dev_t e_tdev; /* controlling tty dev */
// pid_t e_tpgid; /* tty process group id */
// struct session *e_tsess; /* tty session pointer */
//#define WMESGLEN 7
// char e_wmesg[WMESGLEN+1]; /* wchan message */
// segsz_t e_xsize; /* text size */
// short e_xrssize; /* text rss */
// short e_xccount; /* text references */
// short e_xswrss;
// int32_t e_flag;
//#define EPROC_CTTY 0x01 /* controlling tty vnode active */
//#define EPROC_SLEADER 0x02 /* session leader */
//#define COMAPT_MAXLOGNAME 12
// char e_login[COMAPT_MAXLOGNAME]; /* short setlogin() name */
// int32_t e_spare[4];
// } kp_eproc;
//};
/* Exported fields for kern sysctls */
//struct extern_proc {
// union {
// struct {
// struct proc *__p_forw; /* Doubly-linked run/sleep queue. */
// struct proc *__p_back;
// } p_st1;
// struct timeval __p_starttime; /* process start time */
// } p_un;
//#define p_forw p_un.p_st1.__p_forw
//#define p_back p_un.p_st1.__p_back
//#define p_starttime p_un.__p_starttime
// struct vmspace *p_vmspace; /* Address space. */
// struct sigacts *p_sigacts; /* Signal actions, state (PROC ONLY). */
// int p_flag; /* P_* flags. */
// char p_stat; /* S* process status. */
// pid_t p_pid; /* Process identifier. */
// pid_t p_oppid; /* Save parent pid during ptrace. XXX */
// int p_dupfd; /* Sideways return value from fdopen. XXX */
// /* Mach related */
// caddr_t user_stack; /* where user stack was allocated */
// void *exit_thread; /* XXX Which thread is exiting? */
// int p_debugger; /* allow to debug */
// boolean_t sigwait; /* indication to suspend */
// /* scheduling */
// u_int p_estcpu; /* Time averaged value of p_cpticks. */
// int p_cpticks; /* Ticks of cpu time. */
// fixpt_t p_pctcpu; /* %cpu for this process during p_swtime */
// void *p_wchan; /* Sleep address. */
// char *p_wmesg; /* Reason for sleep. */
// u_int p_swtime; /* Time swapped in or out. */
// u_int p_slptime; /* Time since last blocked. */
// struct itimerval p_realtimer; /* Alarm timer. */
// struct timeval p_rtime; /* Real time. */
// u_quad_t p_uticks; /* Statclock hits in user mode. */
// u_quad_t p_sticks; /* Statclock hits in system mode. */
// u_quad_t p_iticks; /* Statclock hits processing intr. */
// int p_traceflag; /* Kernel trace points. */
// struct vnode *p_tracep; /* Trace to vnode. */
// int p_siglist; /* DEPRECATED. */
// struct vnode *p_textvp; /* Vnode of executable. */
// int p_holdcnt; /* If non-zero, don't swap. */
// sigset_t p_sigmask; /* DEPRECATED. */
// sigset_t p_sigignore; /* Signals being ignored. */
// sigset_t p_sigcatch; /* Signals being caught by user. */
// u_char p_priority; /* Process priority. */
// u_char p_usrpri; /* User-priority based on p_cpu and p_nice. */
// char p_nice; /* Process "nice" value. */
// char p_comm[MAXCOMLEN+1];
// struct pgrp *p_pgrp; /* Pointer to process group. */
// struct user *p_addr; /* Kernel virtual addr of u-area (PROC ONLY). */
// u_short p_xstat; /* Exit status for wait; also stop signal. */
// u_short p_acflag; /* Accounting flags. */
// struct rusage *p_ru; /* Exit information. XXX */
//};
void callback(struct kinfo_proc* proc){
printf("pid %d\n",proc->kp_proc.p_pid);
NSRunningApplication * app = [NSRunningApplication runningApplicationWithProcessIdentifier:proc->kp_proc.p_pid];
if(app.icon!=nil){
const char* Name=[app.localizedName UTF8String];
printf("Name=== %s\n",Name);
}else{
char pathBuffer[PROC_PIDPATHINFO_MAXSIZE];
bzero(pathBuffer, PROC_PIDPATHINFO_MAXSIZE);
proc_pidpath(proc->kp_proc.p_pid, pathBuffer, sizeof(pathBuffer));
if (strlen(pathBuffer) > 0) {
printf("path: %s\n", pathBuffer);
}
}
}
int enumerate_processes (kinfo_callback_t callback);
int main1();
int main2();
int main(){
main2();
//enumerate_processes(callback);
return 0;
}
int main1(){
int i, mib[4];
size_t len;
struct kinfo_proc kp;
/* Fill out the first three components of the mib */
len = 4;
sysctlnametomib("kern.proc.pid", mib, &len);
/* Fetch and print entries for pid's < 100 */
for (i = 0; i < 100; i++) {
mib[3] = i;
len = sizeof(kp);
if (sysctl(mib, 4, &kp, &len, NULL, 0) == -1)
perror("sysctl");
else if (len > 0)
{
printf("1");
}
//printkproc(&kp);
}
return 0;
}
int main2(){
int numberOfProcesses = proc_listpids(PROC_ALL_PIDS, 0, NULL, 0);
pid_t pids[numberOfProcesses];
bzero(pids, sizeof(pids));
proc_listpids(PROC_ALL_PIDS, 0, pids,(unsigned long)sizeof(pids));
for (int i = 0; i < numberOfProcesses; ++i) {
if (pids[i] == 0) { continue; }
char pathBuffer[PROC_PIDPATHINFO_MAXSIZE];
bzero(pathBuffer, PROC_PIDPATHINFO_MAXSIZE);
proc_pidpath(pids[i], pathBuffer, sizeof(pathBuffer));
if (strlen(pathBuffer) > 0) {
printf("path: %s\n", pathBuffer);
}
}
return 0;
}
int enumerate_processes (kinfo_callback_t callback)
{
static const int sysctl_name[] = { CTL_KERN, KERN_PROC, KERN_PROC_ALL, 0 };
size_t length;
int err, done, i;
struct kinfo_proc *kproc = NULL;
err = sysctl( (int *) sysctl_name, (sizeof(sysctl_name) / sizeof(*sysctl_name)) - 1, NULL, &length, NULL, 0);
if (err)
return 0;
kproc = (struct kinfo_proc*)malloc (length);
if (!kproc)
return 0;
err = sysctl( (int *) sysctl_name, (sizeof(sysctl_name) / sizeof(*sysctl_name)) - 1, kproc, &length, NULL, 0);
if (err)
return 0;
for (i = 0; i < length / sizeof (*kproc); i++)
callback (kproc+i);
free (kproc);
return 1;
}
https://github.com/starmessage/cpcc/blob/d818ee9b4e7968f7dd7dd867c008f45461fe72df/app.cpccAppMac.h
https://github.com/Shmuma/z/blob/e2522bea79fde1ff519ae41045d1868be5e52677/src/libs/zbxsysinfo/freebsd/proc.c
https://github.com/frida/frida-core/blob/76299807d02aafd1cbd29eeddc349de2e7d8d25f/src/darwin/system-darwin.m